Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: 8 viruses found, unable to delete.    (Read 43449 times)

0 Members and 1 Guest are viewing this topic.

DAVE9999

  • Guest
8 viruses found, unable to delete.  
« on: June 06, 2006, 02:31:18 PM »
Windows XP home.....Intel pentium 4....3.2ghz....512 ram....  

Hello, have picked up 8 viruses, found when using Kapersky online as follows

C:\System Volume Information\_restore{4A29620B-0973-4CDA-BBC9-4088620A8365}\RP152\A0061781.exe Infected: Packed.Win32.Tibs skipped

C:\temp\cs_mary.exe/Realtime.dll Infected: Trojan-Spy.Win32.Delf.fk skipped

C:\temp\cs_mary.exe CreateInstall: infected - 1 skipped

C:\temp\setup_ares.exe/data0037 Infected: not-a-virus:AdWare.Win32.NavExcel.i skipped

C:\temp\setup_ares.exe NSIS: infected - 1 skipped

C:\temp\WarezP2P_DLC.exe/stream/data0035 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped

C:\temp\WarezP2P_DLC.exe/stream Infected: not-a-virus:AdWare.Win32.NewDotNet skipped

C:\temp\WarezP2P_DLC.exe NSIS: infected - 2 skipped




I have been getting some online community forum help and the expert says


"Please remove/uninstall thru add/remove program

Ares
Kazza Lite

Reboot


Kaspersky Results:

One is under system restore and we will get that as a last step.

The others are in temp folder so...


*********Run CCleaner useing windows tab only please***********



Run the above tool from safe mode explained below


Safe Mode:

Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter."

I did all that but wasnt sure on the sentance     "Run CCleaner useing windows tab only".

WHAT ON EARTH DO THEY MEAN??
I have downloaded a copy of CCleaner from     http://www.ccleaner.com/.

But after using it, as directed, Running another Kapaskey  the nasties are still there.

I have asked twice to the person what  "Run CCleaner useing windows tab only". means, but have received no reply.

PLEASE reply to that question only,     if you know.
"Run CCleaner useing windows tab only"

I,m stuck with it at the moment, with some viruses to be deleted,

HOPING to go on to getting my WMP 10 working properly.

I've tried uninstalling and installing but whenever a web site has online streaning WMP videos, it crashes the system.  giving the "WMP has encountered an error, and must close"  message.
A more common fault with it nowerdays.....Gates lot hasn't bothered to fix it...maybe even WMP 11 will keep crashing..

Many thanks..

"Run CCleaner useing windows tab only"  is the question!  what do they mean.??







dl65

  • R.I.P.


  • Prodigy

    Thanked: 18
    Re: 8 viruses found, unable to delete.  
    « Reply #1 on: June 06, 2006, 02:41:49 PM »
    DAVE9999......Ok ....... I hear you frustation .......
    I am assumming your machine became infected as the result of using
    Ares and or Kazza Lite .....is that about it ?
    Well try and do this one step at a time

    dl65  ::)
    If you don't know the answer, it isn't a dumb question.

    DAVE9999

    • Guest
    Re: 8 viruses found, unable to delete.  
    « Reply #2 on: June 06, 2006, 03:11:18 PM »
    hello dl65, just got this message literally a few mins ago.
    I do suspect Ares and kazza lite infected it all.  Have deleated it using add/remove.
    Please download the Killbox by Option^Explicit.

    Note:In the event you already have Killbox, this is a new version that I need you to download.
    Save it to your desktop.

    Please double-click Killbox.exe to run it.

    Select
    "Delete on Reboot
    Then click on either the "All Files" button if there is more than 1 item to Delete.
    Please copy the file path(s) below to the clipboard by highlighting ALL of them and pressing CTRL + C

    C:\temp\cs_mary.exe/Realtime.dll
    C:\temp\cs_mary.exe CreateInstall
    C:\temp\setup_ares.exe/data0037
    C:\temp\setup_ares.exe NSI
    C:\temp\WarezP2P_DLC.exe/stream/data0035
    C:\temp\WarezP2P_DLC.exe/stream


    Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

    Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
    If your computer does not restart automatically, please restart it manually.


    Looks like we have dispenced with the CCleaner st up.

    Do you think the above is the solution?

    dl65

    • R.I.P.


    • Prodigy

      Thanked: 18
      Re: 8 viruses found, unable to delete.  
      « Reply #3 on: June 06, 2006, 03:13:52 PM »
       DAVE9999.....  We'll lets just be sure ,    Have you turned off system restore ?

      dl65  ::)
      If you don't know the answer, it isn't a dumb question.

      dl65

      • R.I.P.


      • Prodigy

        Thanked: 18
        Re: 8 viruses found, unable to delete.  
        « Reply #4 on: June 06, 2006, 03:28:38 PM »
        DAVE9999   I'm not convinced your system is clean yet .............
        It sounds like there are two issues  here ......... a virus or viruses as well as a trojan .

        dl65  ::)
        « Last Edit: June 06, 2006, 03:29:03 PM by dl65 »
        If you don't know the answer, it isn't a dumb question.

        DAVE9999

        • Guest
        Re: 8 viruses found, unable to delete.  
        « Reply #5 on: June 06, 2006, 04:12:57 PM »
        Hello dl65 , just checked and System restore is on.  should it be off for the time being.

        Matey whos just contacted me reconds I should ctrl + c the mentioned viruses and copy to clipboard



        It will not copy to clipboard using ctrl +c highlighting ALL of them and pressing CTRL + C

        Nothing comes up in the killbox "full path of file to delete" Is it still there?.

        The minute I start contacting you,, matey finally contacts me.

        I perhaps wont get another answer off him till tomorrow.
        Individually copying them to the "Kill box" program and rebooting would be the only answer. doing it 6 times though.  Cause the clipboard function isn't working. or doesn't seem to be.

        Does the clipboard have to be enabled??

        Can you beleive this, found

        Adds Clipboard Viewer into your Start Menu

        If you Clipboard Viewer is not on the Start menu, then you need to install it. Here is how:

         

        1. Right-click Start button> Properties > Classic Start Menu > Customize > Add > Browse > C: drive, expand the tree by clicking the plus signs to Windows, System32, select clipbrd (or clipbrd.exe, depending on your folder View settings)

        AND IT IS NOT THERE.

        at every turn things just don't go right for me just lately.

        DAVE9999

        • Guest
        Re: 8 viruses found, unable to delete.  
        « Reply #6 on: June 06, 2006, 05:41:08 PM »
        How do dl65.  I have got the clipboard viewer working,  had to load up into "Killbox" program each virus location one at a time .
          And get for each the message "Pending file rename operations registry data has been removed by external process"


        looks like those six viruses are going to be hard to delete.

        C:\temp\cs_mary.exe/Realtime.dll
        C:\temp\cs_mary.exe CreateInstall
        C:\temp\setup_ares.exe/data0037
        C:\temp\setup_ares.exe NSI
        C:\temp\WarezP2P_DLC.exe/stream/data0035
        C:\temp\WarezP2P_DLC.exe/stream

        They are the nasties, no doubt hidden away in the regestry, possibly changing names and that.
        Unless there is another virus killing program that can find them in the regestry.

        dl65

        • R.I.P.


        • Prodigy

          Thanked: 18
          Re: 8 viruses found, unable to delete.  
          « Reply #7 on: June 06, 2006, 05:58:14 PM »
           DAVE9999....  Here's what I suggets you do ...... ( out aside the info from your mate for right now ) and please do the following

          Turn off system restore immediately ..... as you probably are infected with both viruses as well as trojans ....and they love to hide in the restore files ......

          Then open ccleaner and configure it as detailed here .....
          http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1149558249  

          once you have it configured ...please run the cleaner portion .....just click on the brush icon ...then in the lower right corner click on run cleaner .

          Let me know when you have finished up to there

          dl65  ::)
          If you don't know the answer, it isn't a dumb question.

          DAVE9999

          • Guest
          Re: 8 viruses found, unable to delete.  
          « Reply #8 on: June 06, 2006, 06:31:55 PM »
          Hello dl65, turned off systems restore and ran CCleaner to settings.....thanks.

          dl65

          • R.I.P.


          • Prodigy

            Thanked: 18
            Re: 8 viruses found, unable to delete.  
            « Reply #9 on: June 06, 2006, 06:37:28 PM »
            Dave ...are we ready to do the next step ?
            do you happen to remember about how much cleaner removed ?

            dl65  ::)
            « Last Edit: June 06, 2006, 06:38:54 PM by dl65 »
            If you don't know the answer, it isn't a dumb question.

            DAVE9999

            • Guest
            Re: 8 viruses found, unable to delete.  
            « Reply #10 on: June 06, 2006, 06:38:21 PM »
            all ready,

            dl65

            • R.I.P.


            • Prodigy

              Thanked: 18
              Re: 8 viruses found, unable to delete.  
              « Reply #11 on: June 06, 2006, 06:39:37 PM »
              Before we do the next step , do you have Ewido on your machine ?

              dl65  ::)
              If you don't know the answer, it isn't a dumb question.

              DAVE9999

              • Guest
              Re: 8 viruses found, unable to delete.  
              « Reply #12 on: June 06, 2006, 06:40:25 PM »
              yes, 3.5 malware

              dl65

              • R.I.P.


              • Prodigy

                Thanked: 18
                Re: 8 viruses found, unable to delete.  
                « Reply #13 on: June 06, 2006, 06:42:00 PM »
                ok ...thats great ...now what I would like you to do is reboot into safe mode ...and once there ....run your anti virus program ....is it up to date ?

                dl65  ::)
                If you don't know the answer, it isn't a dumb question.

                DAVE9999

                • Guest
                Re: 8 viruses found, unable to delete.  
                « Reply #14 on: June 06, 2006, 06:43:50 PM »
                All up to date. downladed new update today.